CVE-2019-14855

A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.
References
Configurations

Configuration 1

cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Information

Published : 2020-03-20 04:15

Updated : 2022-11-08 02:28


NVD link : CVE-2019-14855

Mitre link : CVE-2019-14855

Products Affected
No products.
CWE
CWE-328

Use of Weak Hash